This vulnerability found within the LightNVM subsystem allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. References: https://www.zerodayinitiative.com/advisories/ZDI-22-960/ https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/drivers/lightnvm/Kconfig?h=v5.10.114&id=549209caabc89f2877ad5f62d11fca5c052e0e8
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-2991